CVE: CVE-2002-0712 - CVE-Search

CVE Details for CVE: CVE-2002-0712

Summary

Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.

Timestamps
Last major update	11-07-2017 - 01:29
Published	03-02-2004 - 05:00
Last modified	11-07-2017 - 01:29

References

Vulnerable Configurations

cpe:2.3:a:entrust:entrust_authority_security_manager:5.0:*:*:*:*:*:*:*
cpe:2.3:a:entrust:entrust_authority_security_manager:5.0:*:*:*:*:*:*:*
cpe:2.3:a:entrust:entrust_authority_security_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:entrust:entrust_authority_security_manager:6.0:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

NVD-CWE-Other

CVSS

Base

2.1

Impact

2.9

Exploitability

3.9

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

CVSS3

None

VIA4 references

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	7284
cert-vn	VU#720017
confirm	http://www.kb.cert.org/vuls/id/AAMN-5KKVXC
xf	easm-multiple-authorization-bypass(11724)